package org.yi.core.interceptor;

import org.apache.shiro.SecurityUtils;

import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.core.Controller;

public class SessionInterceptor implements Interceptor {
	
	@Override
	public void intercept(Invocation ai) {
		
		//if user has authenticated, invoke next interceptor
		if(SecurityUtils.getSubject().isAuthenticated()){
			ai.invoke();
		} else {
			//else redirect to login page
			Controller c = ai.getController();
			//if session is null, redirect to login page
			if(SecurityUtils.getSubject().getSession() != null) {
				if(c.getRequest().getRequestURI().contains("/admin/account/login") 
						|| c.getRequest().getRequestURI().contains("/captcha")){
					ai.invoke();
				} else {
					c.redirect("/admin/account/login");
				}
			} else {
				c.redirect("/admin/account/login");
			}
		}
	}

}
